public async Task WhenEncryptionKeyIsNullOrEmpty_DoesNotEncryptHMACSecretInFile(string nullOrEmpty)
{
using (var sut = new FileSystemClientStore(_fileManager, _signatureAlgorithmDataRecordConverter, nullOrEmpty)) {
var hmac = new HMACSignatureAlgorithm("s3cr3t", HashAlgorithmName.SHA384);
var client = new Client(
"c1",
"app one",
hmac,
TimeSpan.FromMinutes(1),
TimeSpan.FromMinutes(2),
RequestTargetEscaping.RFC2396,
new Claim("company", "Dalion"),
new Claim("scope", "HttpMessageSigning"));
await sut.Register(client);
var dataRecords = await _fileManager.Read();
var loaded = dataRecords.Single(r => r.Id == client.Id);
loaded.SigAlg.Param.Should().NotBeNullOrEmpty();
var unencryptedKey = Encoding.UTF8.GetString(hmac.Key);
loaded.SigAlg.Param.Should().Be($"<Secret>{unencryptedKey}</Secret>");
loaded.SigAlg.Encrypted.Should().BeFalse();
}
}
public FileSystemClientStoreTests()
{
var tempFilePath = Path.Combine(Path.GetTempPath(), Guid.NewGuid() + ".xml");
_fileManager = new ClientsFileManager(
new FileReader(),
new FileWriter(),
tempFilePath,
new ClientDataRecordSerializer());
var encryptionKey = new SharedSecretEncryptionKey("The_Big_Secret");
_signatureAlgorithmDataRecordConverter = new SignatureAlgorithmDataRecordConverter(new FakeStringProtectorFactory());
_sut = new FileSystemClientStore(_fileManager, _signatureAlgorithmDataRecordConverter, encryptionKey);
}
